The use of wireless communication devices has increased over the years. In present day communication networks, mobile devices such as PDAs, cellular phones and laptops need authentication before getting access to private databases or access to the Internet. Devices are authenticated through an Infrastructure Access Point (IAP), typically a base station, which is connected to an authentication server. The authentication request is transmitted using the Extensible authentication protocol (EAP) comprising of EAP over LAN (EAPOL) packets. The entire authentication process involves several EAPOL packets being transmitted and received, starting with an EAP Start packet and being completed with either an EAP Success message packet or an EAP Failure message packet. The authentication server stores the authentication credentials of the device (typically called a supplicant) that is being authenticated using the authentication server. Authentication servers can also be connected to other authentication servers to obtain authentication credentials of supplicants that are not stored locally.
In prior systems, a centralized approach is followed wherein a single IAP handles the authentication process of all supplicants within the range of the IAP. Since every supplicant can only be authenticated via the IAP, this method has several shortcomings. Prior systems which adhere to American National Standards Institute/Institute of Electrical and Electronics Engineers ANSI/IEEE 802.1X or ANSI/IEEE 802.11i standards utilize such a method. In such standards, the process of authentication of mobile devices is defined and the standards discuss a supplicant, an authenticator and an authentication server, where the authentication server authenticates a supplicant using an authenticator. The authentication server trusts the authenticator to forward correct authentication information received from the supplicant to the authentication server. However the authentication process as defined in the standards requires that the supplicant have a direct communication channel with the authenticator, and as such the standards do not support wireless multi-hop communications.
Since prior systems rely on a centralized approach and require a direct communication channel, there is a need for an improved system and method for providing multi-hop access.